Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.
1. A system to securely perform a firmware update on a computing system, the system comprising: a computer system firmware update package comprising a new firmware for a Trusted Execution Environment (TEE), a security extension to isolate the TEE; and a firmware update system to run in the TEE, wherein the TEE continues to operate normally while the firmware update system performs integrity, authenticity validation and management of the computer system firmware update package, creates a Stage Trusted Execution Environment (STEE) to replace the TEE, copies the TEE into the STEE, applies the new firmware to the STEE, and updates a boot configuration to start the STEE as the TEE, wherein the firmware update system validates the STEE after applying the new firmware and prior to updating the boot configuration to start the STEE as the TEE.
The system updates the firmware of a Trusted Execution Environment (TEE) without ever modifying the running TEE in place. The update package contains the new TEE firmware together with a security extension that keeps the TEE isolated while the update runs. The firmware update system itself runs inside the TEE, and the TEE keeps operating normally throughout. The update system first checks the integrity and authenticity of the package. It then creates a Stage Trusted Execution Environment (STEE), copies the existing TEE into it, and applies the new firmware to that copy only. The updated STEE is validated, and only if that validation succeeds is the boot configuration changed so that the STEE starts as the TEE on the next boot. Two validations are therefore required: one of the package before anything is staged, and one of the staged environment before it is made bootable. Because the live TEE is never written to, a corrupt or unauthentic package cannot leave the device with a damaged TEE; at worst the staged copy is discarded and the original TEE keeps running.
2. The system as claimed in claim 1 further comprising a Bootloader that validates the TEE each time when the computing system starts and loads the TEE after successful validation.
Claim 2 adds a Bootloader that acts as a gatekeeper for the TEE. Every time the computing system starts, the Bootloader validates the TEE, checking that it is authentic and has not been altered, before loading it. The TEE is loaded only after this validation succeeds, so a TEE image modified outside the controlled update process of claim 1 is never executed. After an update, the STEE that the new boot configuration promotes to TEE goes through the same boot-time validation as the original TEE before it runs, which is the last check between a staged update and live execution.
3. The system as claimed in claim 1 further comprising a Bootloader that detects a failed or damaged TEE and removes the TEE.
Claim 3 gives the Bootloader a second role: if it detects that the TEE has failed or is damaged (for example, the boot-time validation of claim 2 fails or the TEE does not start), it removes that TEE rather than attempting to run it. Removing a broken TEE prevents a corrupted or partially written environment from ever executing with TEE privileges, and it happens before the main operating system is up, so the decision is made by the earliest trusted component in the boot chain. The claim does not itself say what replaces the removed TEE; read together with claim 6, the original TEE retained as a backup is the natural fallback, and read with claim 1, a fresh update cycle can stage a replacement.
4. The system as claimed in claim 1 wherein the system comprises limited hardware resources.
Claim 4 states that the system of claim 1 runs on limited hardware resources, such as the constrained processors, memory and storage found in embedded and IoT devices. It adds no new mechanism; it narrows claim 1 to that class of device. Its practical significance is that the staged approach must fit within those limits: creating an STEE means holding a second copy of the TEE alongside the running one while the new firmware is applied and validated, so the device needs enough storage for two TEE images and the update package at the same time, while the running TEE keeps working on the resources it already has.
5. The system as claimed in claim 1 wherein the firmware update system migrates a configuration of the TEE to the STEE.
Claim 5 specifies that, when the firmware update system copies the TEE into the STEE (the Stage Trusted Execution Environment of claim 1), it also migrates the TEE's configuration. The STEE is not a different or more secure kind of environment; it is the staging copy that will become the TEE once the new firmware has been applied and validated. Migrating the configuration (settings such as security policies and provisioned keys) means the STEE starts with the same state the running TEE had, so the update replaces the firmware but not the device's configuration, and the staged environment is validated in the configuration it will actually run with rather than in a default state that differs from production.
6. The system as claimed in claim 1 wherein the TEE functions as a backup to the STEE.
Claim 6 keeps the original TEE as a backup to the STEE. After the boot configuration is updated so that the STEE starts as the TEE, the original TEE is not discarded; it remains available so that, if the newly promoted environment fails or is found damaged (the situation the Bootloader handles in claim 3), the system can fall back to the previous, known-good TEE. This is the familiar dual-slot (A/B) update pattern: the old image is retained until the new one has proven itself. Combined with the two validations in claim 1 and the Bootloader checks in claims 2 and 3, it means an update that passes validation but fails in practice does not leave the device without a usable TEE.
7. The system as claimed in claim 1 further comprising restarting the device to boot the new TEE.
Claim 7 adds the final step: after the boot configuration has been updated to start the STEE as the TEE, the device is restarted. Until the restart the original TEE continues to run, as claim 1 requires; the new firmware takes effect only when the Bootloader starts the device again, reads the updated boot configuration, validates the STEE as the TEE (claim 2) and loads it. If that validation fails, the removal of claim 3 and the backup of claim 6 apply. The restart is therefore the point at which the staged update becomes the live TEE, and it happens only after both the package and the staged environment have already been validated.
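The procedure spread across claims 1 to 3 and 5 to 7, as an added Python simulation that is not code from the patent or from any vendor's implementation: a device with one running TEE slot, a signed update package, the staged-copy update with configuration migration, and a bootloader that validates the active TEE at every start and falls back to the retained TEE if the promoted STEE is damaged. Everything in it is constructed for illustration: the slot names, the `Device` and `Slot` structures, the firmware byte strings, and the HMAC-SHA256 "signature" that stands in for the asymmetric vendor signature a real bootloader would verify with an embedded public key.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed demo key. A real vendor signs with a private key and the device
# holds only the public key; HMAC-SHA256 with a shared key stands in for that.
VENDOR_KEY = b"constructed-demo-key-not-for-production"


def sign(firmware: bytes) -> bytes:
    """Vendor-side signature over a firmware image (stand-in for an asymmetric signature)."""
    return hmac.new(VENDOR_KEY, firmware, hashlib.sha256).digest()


def signature_ok(firmware: bytes, signature: bytes) -> bool:
    """Integrity and authenticity check used by both the updater and the bootloader."""
    return hmac.compare_digest(sign(firmware), signature)


@dataclass
class Slot:
    """One TEE image slot: firmware bytes, their signature and the TEE configuration."""
    name: str
    firmware: bytes
    signature: bytes
    config: dict


@dataclass
class Device:
    slots: dict        # slot name -> Slot
    boot_config: dict  # {"active": slot to boot as the TEE, "backup": retained slot or None}


def make_package(new_firmware: bytes) -> dict:
    """Vendor side: the firmware update package of claim 1 (new firmware plus signature)."""
    return {"firmware": new_firmware, "signature": sign(new_firmware)}


def apply_update(device: Device, package: dict) -> str:
    """Firmware update system running inside the TEE (claims 1, 5, 6)."""
    tee = device.slots[device.boot_config["active"]]
    # Validate the package before anything on the device is touched.
    if not signature_ok(package["firmware"], package["signature"]):
        return "rejected: package failed validation"
    # Create the STEE as a copy of the running TEE, migrating its configuration (claim 5).
    stee = Slot("stee", tee.firmware, tee.signature, dict(tee.config))
    # Apply the new firmware to the STEE only; the running TEE is never written to.
    stee.firmware = package["firmware"]
    stee.signature = package["signature"]
    # Validate the STEE before the boot configuration changes (claim 1). A real
    # system would also run the staged image's self-test at this point.
    if not signature_ok(stee.firmware, stee.signature):
        return "rejected: staged image failed validation"
    device.slots["stee"] = stee
    # The STEE becomes the TEE on the next boot; the old TEE is kept as backup (claim 6).
    device.boot_config = {"active": "stee", "backup": tee.name}
    return "staged"


def boot(device: Device) -> str:
    """Bootloader (claims 2, 3, 7): validate the active TEE at every start, remove a damaged one."""
    active = device.boot_config["active"]
    slot = device.slots.get(active)
    if slot is not None and signature_ok(slot.firmware, slot.signature):
        return active
    # Failed or damaged TEE: remove it (claim 3) and fall back to the backup (claim 6).
    device.slots.pop(active, None)
    backup = device.boot_config.get("backup")
    fallback = device.slots.get(backup) if backup else None
    if fallback is not None and signature_ok(fallback.firmware, fallback.signature):
        device.boot_config = {"active": backup, "backup": None}
        return backup
    raise RuntimeError("no valid TEE image available")


def new_device() -> Device:
    """Constructed device: one valid TEE slot (v1) and room for one staging slot."""
    fw = b"TEE firmware v1"
    tee = Slot("tee", fw, sign(fw), {"keys": "k1", "policy": "default"})
    return Device(slots={"tee": tee}, boot_config={"active": "tee", "backup": None})


if __name__ == "__main__":
    dev = new_device()
    print(apply_update(dev, make_package(b"TEE firmware v2")))  # staged
    print(boot(dev))                                             # stee
    # A write that corrupts the promoted image after the restart: fall back to v1.
    dev.slots["stee"].firmware = b"TEE firmware v2 (corrupted)"
    print(boot(dev))                                             # tee
```

Running the file shows the three cases that matter: a good package is staged and booted as the new TEE, a tampered package is rejected before any slot is written, and a promoted image that is later corrupted is removed by the bootloader, which then boots the retained TEE. The claims say nothing about rollback protection; a production updater would additionally refuse a package whose version is lower than the running firmware, which this simulation does not model.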
June 30, 2020